package com.example.demo.controller;


import com.example.demo.entity.User;
import com.example.demo.service.UserService;
import lombok.extern.slf4j.Slf4j;
import org.apache.shiro.SecurityUtils;
import org.apache.shiro.authc.*;
import org.apache.shiro.session.Session;
import org.apache.shiro.subject.Subject;
import org.springframework.web.bind.annotation.*;

import javax.annotation.Resource;

/**
 * <p>
 * 用户信息表 前端控制器
 * </p>
 *
 * @author ElonChung
 * @since 2020-05-08
 */
@Slf4j
@RestController
@RequestMapping("/user")
public class UserController {

    @Resource
    UserService userService;

    @GetMapping("getOne/{id}")
    public User getOne(@PathVariable("id") Integer id) {
        return userService.getById(id);
    }

    @PostMapping("login")
    public void login(@RequestBody User user) {
        String username = user.getName();
        String password = user.getPwd();
        Subject subject = SecurityUtils.getSubject();
        UsernamePasswordToken token = new UsernamePasswordToken(username, password);
        try {
            subject.login(token);
            System.out.println(token.getPrincipal() + "登录成功");
            Session session = subject.getSession();
            session.setAttribute("userInfo", (User) subject.getPrincipal());
        } catch (UnknownAccountException e) {//用户名不存在
            System.out.println("用户名不存在");
        } catch (IncorrectCredentialsException e) {
            System.out.println("Password for account " + token.getPrincipal() + " was incorrect!");
        } catch (LockedAccountException lae) {
            System.out.println("The account for username " + token.getPrincipal() + " is locked.  " +
                    "Please contact your administrator to unlock it.");
        } catch (AuthenticationException ae) {
        }
        System.out.println("User [" + subject.getPrincipal() + "] logged in successfully.");

        if (subject.hasRole("schwartz")) {
            System.out.println("May the Schwartz be with you!");
        } else {
            System.out.println("Hello, mere mortal.");
        }

        //test a typed permission (not instance-level)
        if (subject.isPermitted("user:add")) {
            System.out.println("You may use a lightsaber ring.  Use it wisely.");
        } else {
            System.out.println("Sorry, lightsaber rings are for schwartz masters only.");
        }

        //a (very powerful) Instance Level permission:
        if (subject.isPermitted("user:update")) {
            System.out.println("You are permitted to 'drive' the winnebago with license plate (id) 'eagle5'.  " +
                    "Here are the keys - have fun!");
        } else {
            System.out.println("Sorry, you aren't allowed to drive the 'eagle5' winnebago!");
        }

    }

    @PutMapping("add")
    public void add(@RequestBody User user) {

        Subject subject = SecurityUtils.getSubject();

        System.out.println(subject.getSession().getAttribute("userInfo"));

        System.out.println("add");
    }

    @PostMapping("update")
    public void update(@RequestBody User user) {
        Subject subject = SecurityUtils.getSubject();
        if (subject.isAuthenticated()) {
            User principal = (User)subject.getPrincipal();
//            User currentUser = (User) subject.getSession().getAttribute("userInfo");
            System.out.println(principal.getName());
        } else {
            System.out.println("用户未登录");
        }
        System.out.println("update");
    }

    @GetMapping("logout")
    public void logout() {
        Subject subject = SecurityUtils.getSubject();

        if (subject.isAuthenticated()) {
            subject.logout();
        } else {
            System.out.println("用户未登录");
        }

    }
}

